fbpx Skip to content


NPO's are the 6th most targeted industry for cyber attacks.

In the past 5 years, non-profit organizations accounted for 5% of cyber insurance claims. To date, the maximum cost of a non-profit cyber incident has reached $1.2 million.

3 Types of Cyber Incidents Affecting Non-Profit Organizations


Malicious software that cybercriminals use to publish or block access to sensitive data. With ransomware, a cybercriminal encrypts files on a non-profit's network. The criminal then demands a ransom in exchange for a decryption key that restores the non-profit's access to these files.

Online Donations

Donation websites that replicate those of non-profit organizations. Cybercriminals use these sites to impersonate non-profits and collect money after natural disasters and other major events.


The use of emails or texts to impersonate a legitimate sender to lure a recipient to download a malicious file or share sensitive information. A cybercriminal can send a message to a non-profit employee and claim to be the organization's CEO or a known third party. The criminal can request a money transfer or sensitive information. Since the message appears to come from a credible source, the employee is likely to comply with the request.

What Cyber Attack's Look Like for NPO's

NPO Refusing Ransom

A non-profit suffered a ransomware attack only a few weeks before its biggest fundraiser of the year. Cybercriminals encrypted the non-profit's data and demanded a ransom to restore it. The non-profit refused to pay the ransom, and cybercriminals wiped out its servers.

Scammers Posing as NPO's

Government agencies have received multiple reports about scammers fraudulently soliciting donations for people, areas, and groups affected by the COVID-19 pandemic. These scammers often pose as or use the name of a real charity to solicit donations.

Targeted Employees

Cybercriminals used a phishing email to trick a non-profit employee to buy solar panels for health centers located in Pakistan. The employee received invoices for the solar panels, assumed they came from a legitimate source, and paid nearly $1 million to cover the cost. Thanks to cyber insurance, the non-profit recovered most of the funds it lost in the phishing scam.

When the worst happens, you'll have the best legal, technical and financial support

Backed by a multi-billion dollar insurance partner, DataStream provides broad coverage for your first-party and third-party losses, including breach, ransomware, cybercrime, cyber terrorism, and risk analysis tools.


Small-to-medium businesses that do not offer IT consulting services to assist in managing the technology and security of other businesses.


IT Consultant businesses (MSP, MSSP, etc.) that manage the technology and security of other businesses.